The mBmPerfHeader.Count isn't reset to 0 in BmWriteBootToOsPerformanceData() so when the actual performance data entry count exceeds the LimitCount, the performance data collection breaks on condition if (mBmPerfHeader.Count == LimitCount), but 2nd time calling this function will not break on condition if (mBmPerfHeader.Count == LimitCount) because the mBmPerfHeader.Count always bigger than LimitCount, which results buffer overrun.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <[email protected]> Cc: Star Zeng <[email protected]> --- MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c b/MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c index 7b13ec6..e45c0bd 100644 --- a/MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c +++ b/MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c @@ -186,6 +186,11 @@ BmWriteBootToOsPerformanceData ( PERF_END(NULL, "BDS", NULL, 0); // + // Reset the entry count + // + mBmPerfHeader.Count = 0; + + // // Retrieve time stamp count as early as possible // Ticker = GetPerformanceCounter (); -- 1.9.5.msysgit.1 _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
